Server Certificates

Service Description

Standard, storage area network (SAN), and wildcard Secure Sockets Layer (SSL) certificates provided for University departments and affiliates.
Status: 
Active

Make a Request

Make a Request: 

Visit the request form. You will be required to login with your UNI and password.

You may submit a renewal request up to 30 days in advance of your certificate's expiration.

Approvals may take up to 5 business days. Initial requests for non-.columbia.edu domains will take longer, will require additional information to be submitted, and changes to the DNS records by the WHOIS admin contact.

Wildcard certificates require additional validation by the certificate authority; you may be contacted for additional information.

Support Contact

Service Support Contact: 

Please send email to askcuit@columbia.edu or call the CUIT Service Desk at 212-854-1919 to ask questions or report an issue.

Additional Information

Additional Information: 
CUIT will only approve certificate requests submitted via CUIT's InCommon SSL Certificate portal. We will not authorize requests submitted via other Certificate Authorities.

CUIT has paid for a bulk license with for the InCommon Certificate Service for unlimited standard, SAN, and wildcard SSL certificates.  These certs are provided by Comodo, a leading commercial provider of certificates through an arrangement with the Internet2 InCommon consortium.

SSL Certificates

Columbia University Information Technology has purchased a block of SSL Server Certificates from InCommon. These are available to the Columbia community at zero cost.

Who Is Eligible? What Domains Are Eligible?

All Columbia University departments and affiliates can use this service. CUIT will sign certificates for domains in columbia.edu and other domains controlled by Columbia University departments and affiliates subject to the University's Internet Domain Name Policy.

Will CUIT Approve Certificate Signing Requests Submitted Via Other Certificate Authorities?

No. CUIT will only approve certificate requests submitted via CUIT's InCommon SSL Certificate portal. We will not authorize requests submitted via other Certificate Authorities.

Why Use A CUIT InCommon SSL Certificate?

We offer standard SSL, Unified Communication, multi-domain, and wildcard certificates; all at zero cost.

How Long Is A CUIT InCommon SSL Certificate Good For?

Certificates are valid for 2 years from when they are issued. You will receive email directly from InCommon starting 30 days before the certificate expires.

What Is The Minimum Length For Certificate Keys?

Certificate keys must be at least 2048-bit. 1024-bit keys are no longer accepted. For more information, see InCommon's key length documentation.

Reusing CSRs and Keys for Certificates

Certificate Signing Requests (CSR) and their keys shall not be reused. Users must generate and submit new CSRs whenever certificates are renewed.